Abstract

R. Scandariato, Y. Ofek, M. Baldi, and P. Falcarin, "Application-oriented Trust in Networking and Computing," .

Abstract
It is well recognized that preserving authenticity of applications being executed in untrusted machines (a.k.a. client-side security) is an open problem. Authenticity requires that application code is not tampered with, prior to or during execution, by a malicious user. This paper presents a novel method to assure authenticity of application code by means of an authenticity-preserving software module that is combined with the application code. The software module is a trusted logic component that can be replaced continuously from a trusted remote location during run-time. Hence, adversaries attempting to tamper with the application by means of reverse-engineering have arbitrary limited time to succeed. For added assurance, the software module produces continuous sequence of proofs of its proper operation that are verified remotely. The above-mentioned method is dubbed remote entrusting. The paper discusses general, domain-neutral solution principles for remote entrusting and presents actual implementation and experimentation in the context of client-server applications.